Security Writeup

Documentation standards for security research and CTF challenges.

Document Types

| Document | Purpose | When to Create | |----------|---------|----------------| | STATUS.md | Progress tracking | Start of work, update throughout | | REPORT.md | Technical writeup | After solution or significant progress |

STATUS.md

Track progress for restartability. Update after:

Starting work on a problem
Finding key information (offsets, addresses)
Failed attempts (document what didn't work!)
Completing a phase (recon → analysis → exploit → docs)
Session end

Status Icons

✅ Solved
🔄 In Progress
❌ Not Started
⏸️ Blocked

REPORT.md

Combine technical writeup with learning explanation.

Required Sections

Overview - Accessible summary
Binary Properties - checksec output as table
Vulnerability - Type, location, root cause
Exploitation - Step-by-step approach
Payload - Structure and key addresses
Flag - The solution
Mitigations - How to prevent

Writing Guidelines

Technical enough to reproduce
Accessible enough to learn from
Include actual addresses and offsets
Explain the "why" not just the "what"

Multi-Problem Labs

For CTFs with multiple problems:

lab/
├── STATUS.md           # Overview of ALL problems
├── problem1/
│   ├── STATUS.md       # Detailed for this problem
│   ├── exploit.py
│   └── REPORT.md
└── problem2/
    └── ...

Root STATUS.md tracks overall progress; per-problem STATUS.md tracks details.

Templates

templates/REPORT.md - Full technical writeup
templates/STATUS.md - Progress tracking